mirror of
https://github.com/project-redbud/FunGame-Server.git
synced 2025-12-05 08:09:03 +00:00
49 lines
1.8 KiB
C#
49 lines
1.8 KiB
C#
using Microsoft.AspNetCore.Authorization;
|
|
using Milimoe.FunGame.WebAPI.Services;
|
|
|
|
namespace Milimoe.FunGame.WebAPI.Architecture
|
|
{
|
|
public class JwtAuthenticationMiddleware(RequestDelegate next)
|
|
{
|
|
public async Task InvokeAsync(HttpContext context)
|
|
{
|
|
JWTService jwtService = context.RequestServices.GetRequiredService<JWTService>();
|
|
|
|
// 获取 JWT Token
|
|
string token = context.Request.Headers.Authorization.ToString().Replace("Bearer ", "");
|
|
|
|
if (token == "")
|
|
{
|
|
await next(context);
|
|
return;
|
|
}
|
|
|
|
// 如果存在 Authorize 属性且指定了 CustomBearer 认证方案,跳过 JWT 吊销检查
|
|
Endpoint? endpoint = context.GetEndpoint();
|
|
IReadOnlyList<AuthorizeAttribute>? authorizeAttributes = endpoint?.Metadata.GetOrderedMetadata<AuthorizeAttribute>();
|
|
if (authorizeAttributes != null)
|
|
{
|
|
foreach (AuthorizeAttribute authorizeAttribute in authorizeAttributes)
|
|
{
|
|
if (authorizeAttribute.AuthenticationSchemes == "APIBearer" || authorizeAttribute.AuthenticationSchemes == "CustomBearer")
|
|
{
|
|
await next(context);
|
|
return;
|
|
}
|
|
}
|
|
}
|
|
|
|
// 检查 JWT 是否被吊销
|
|
if (jwtService.IsTokenRevoked(token))
|
|
{
|
|
context.Response.StatusCode = StatusCodes.Status401Unauthorized;
|
|
context.Response.ContentType = "application/json";
|
|
await context.Response.WriteAsync("{\"message\":\"此 Token 无效或已吊销,请重新登录以获取 Token。\"}");
|
|
return;
|
|
}
|
|
|
|
await next(context);
|
|
}
|
|
}
|
|
}
|